/**
 *
 */
package com.ybkj.daijia.server.filters;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import nl.captcha.Captcha;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;

/**
 *
 * 增加验证码判断
 *
 * @author Shine
 *
 */
public class AuthenticationFilter extends FormAuthenticationFilter {

    @Override
    protected AuthenticationToken createToken(ServletRequest request,
        ServletResponse response) {
        String username = getUsername(request);
        String password = getPassword(request);
        boolean rememberMe = isRememberMe(request);
        String host = getHost(request);
        String answer = WebUtils.getCleanParam(request, "captcha");
        String vcode = WebUtils.getCleanParam(request, "vcode");
        //String captchaId =getCaptchaId(request);

        String IPAddress = "";
        HttpServletRequest localHttpServletRequest = (HttpServletRequest) request;
//		if(((HttpServletRequest) request).getMethod().equals(RequestMethod.GET)){
//			return null;
//		}
        if (localHttpServletRequest.getHeader("x-forwarded-for") == null) {
            IPAddress = localHttpServletRequest.getRemoteAddr();
        } else {
            IPAddress = localHttpServletRequest.getHeader("x-forwarded-for");
        }

        Captcha captcha = (Captcha) ((HttpServletRequest) request).getSession()
            .getAttribute(Captcha.NAME);

        return new com.ybkj.daijia.server.AuthenticationToken(username, password, rememberMe, host,
            answer, IPAddress, vcode, captcha);
    }

    @Override
    protected boolean onAccessDenied(ServletRequest request,
        ServletResponse response) throws Exception {

        HttpServletRequest localHttpServletRequest = (HttpServletRequest) request;

        HttpServletResponse localHttpServletResponse = (HttpServletResponse) response;

        String str = localHttpServletRequest.getHeader("X-Requested-With");

        if ((str != null) && (str.equalsIgnoreCase("XMLHttpRequest"))) {
            localHttpServletResponse.addHeader("loginStatus", "accessDenied");
            localHttpServletResponse.sendError(403);
            return false;
        }

        return super.onAccessDenied(request, response);
    }


    @Override
    protected boolean executeLogin(ServletRequest request,
        ServletResponse response) throws Exception {

        AuthenticationToken token = createToken(request, response);

        if (token == null) {
            String msg =
                "createToken method implementation returned null. A valid non-null AuthenticationToken "
                    +
                    "must be created in order to execute a login attempt.";
            throw new IllegalStateException(msg);
        }
        try {
            Subject subject = getSubject(request, response);
            subject.login(token);
            return onLoginSuccess(token, subject, request, response);
        } catch (AuthenticationException e) {
            e.printStackTrace();
            return onLoginFailure(token, e, request, response);
        }

    }

    public String getCaptchaId(ServletRequest request) {
        String captchaId = WebUtils.getCleanParam(request, "captchaId");
        if (StringUtils.isEmpty(captchaId)) {
            captchaId = WebUtils.getHttpRequest(request).getSession().getId();
        }

        return captchaId;
    }

}
